REMARKS

The Examiner has maintained the latest rejection. Applicant still purports that such 
rejection is deficient. However, in the spirit of expediting the prosecution of the present 
application and bringing closure to this matter, applicant has incorporated, at least in part, the 
subject matter of Fig. 3 of the originally filed specification into each of the independent claims. 

The Examiner has rejected Claims 1-32 under 35 U.S.C. 102(e) as being allegedly 
anticipated by Coss et al. (U.S. 6,098,172). Applicant respectfully disagrees with this rejection, 
especially in view of the amendments made hereinabove. 

Specifically, now claimed in each of the independent claims is the following subject matter:

"wherein the security policy is defined by a policy file which includes a policy 
file data structure stored as an XML (extensible markup language) document; 

wherein a security policy section of the policy file data structure includes an entry 
for each security policy that is identified by a policy identifier field and is associated with 
a network protocol that is identified by a protocol identifier field; 

wherein the security policy section specifies filters for at least a portion of ports 
and services defined by the network protocol, and each port and service associated with 
the security policy is identified by an element identifier field, a field containing filter 
settings, and a log indicator field; 

wherein at least one security policy is included for a TCP/IP network and includes 
a PPTP (point-to-point tunneling protocol), a RIP (routing information protocol), a 
DHCP (dynamic host configuration protocol), an ARP (address resolution protocol), an 
Ident (identification protocol), ICMP (internet control message protocol) and VPN 
(virtual private networking) ports, and a NetBIOS (network basic input/output system) 
service; 

wherein a default setting for a high security policy on the TCP/IP network 
disallows incoming network traffic through the PPTP and ICMP ports, allows incoming 
network traffic through the RIP, DHCP, ARP and VPN ports, disallows access through 
the NetBIOS service to shared resources on the individual computer, and disallows the 
individual computer from using shared resources of other computers on the TCP/IP 
network, where incoming network traffic that attempts to access the individual computer 
using PPTP and NetBIOS is logged; 

wherein a zone section of the policy file data structure includes an entry for each 
defined address zone and includes an identifier field, an address parameters field that 
defines the zone, and an identifier field for the security policy assigned to the zone; 

wherein a default zone is defined by addresses that are outside another zone" (see 
each of the independent claims). 

Thus, now claimed is a security policy data structure that provides enhanced automatic 
configuration of a firewall to optimize the ability thereof to protect an associated computer. 

The Examiner is reminded that a claim is anticipated only if each and every element as 
set forth in the claim is found, either expressly or inherently described in a single prior art 
reference. Verdegaal Bros. v. Union Oil Co. of California, 814 F.2d 628, 631, 2 USPQ2d 1051, 
1053 (Fed. Cir. 1987). Moreover, the identical invention must be shown in as complete detail as 
contained in the claim. Richardson v. Suzuki Motor Co., 868 F.2d 1226, 1236, 9 USPQ2d 1913, 
1920 (Fed. Cir. 1989). The elements must be arranged as required by the claim. 

This criterion has simply not been met by the Coss reference, especially in view of the 
amendments made hereinabove. A notice of allowance or a specific prior art showing of all of 
applicant's claim limitations, in combination with the remaining claim elements, is respectfully 
requested. 

To this end, all of the independent claims are deemed allowable. Moreover, the 
remaining dependent claims are further deemed allowable, in view of their dependence on such 
independent claims. 

Reconsideration is respectfully requested. 

In the event a telephone conversation would expedite the prosecution of this application, 
the Examiner may reach the undersigned at (408) 505-5100. Applicants are enclosing a check to 
pay for the added claims. The Commissioner is authorized to charge any additional fees or credit 
any overpayment to Deposit Account No. 50-1351 (Order No. NAI1P361). 



P.O. Box 721120 

San Jose, CA 95172-1120 

408-505-5100 




Registration No. 41,429 